Auth. Stored Cross-Site Scripting (XSS) vulnerability discovered by Lana Codes in WordPress Videojs HTML5 Player plugin (versions <= 1.1.8).
Update the WordPress Videojs HTML5 Player plugin to the latest available version (at least 1.1.9).